---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: &app external-dns
spec:
  interval: 30m
  chart:
    spec:
      chart: external-dns
      version: 1.14.5
      sourceRef:
        kind: HelmRepository
        name: external-dns
        namespace: flux-system
  install:
    crds: CreateReplace
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    crds: CreateReplace
    remediation:
      strategy: rollback
      retries: 3
  values:
    fullnameOverride: *app
    provider: cloudflare
    env:
      - name: CF_API_TOKEN
        valueFrom:
          secretKeyRef:
            name: external-dns-secret
            key: api-token
    extraArgs:
      - --ingress-class=external
      - --cloudflare-proxied
      - --crd-source-apiversion=externaldns.k8s.io/v1alpha1
      - --crd-source-kind=DNSEndpoint
    policy: sync
    sources: ["crd", "ingress"]
    txtPrefix: k8s.
    txtOwnerId: default
    domainFilters: ["${SECRET_DOMAIN}"]
    serviceMonitor:
      enabled: true
    podAnnotations:
      secret.reloader.stakater.com/reload: external-dns-secret
